I'm a C# developer having worked with .Net since it was in beta. Before that I mainly worked in C and C++. I have been developing commercial software for more than 20 years. I also mess around with microprocessors, but that's just for fun. I live near Cambridge, England and work from home in my 'silicon shed'.

Blogroll

In software, the amount of randomness collected by an Operating System is called entropy. I have recently been messing about with entropy on my Linux boxes. This happened because I was fiddling with https (SSL/TLS) and cryptography relies on a good source of random numbers. The random numbers need to come from somewhere.

On most Linux machines, you can see how much entropy your system has by looking at the value in /proc/sys/kernel/random/entropy_avail.

If your machine runs low on entropy, it means that any cryptographic calculations will either have to use a weak source of random numbers (and therefore be less secure) or will block until there is more entropy (meaning that things on your system might appear to slow down).

So out of curiosity I decided to experiment with this. I took my CPU monitoring webserver and adapted it to watch the entropy available rather than the CPU use. If you're really interested, the code can be found on GitHub here.

NOTE: you probably won't want to install the entropy monitoring webserver on your machine, because you would not want to tell the outside world how much entropy your system has available. I am only using it for experimentation and learning.

But ... here are some experiments that I did:

Driver Activity

On Linux, the system uses various sources of entropy. Some of the entropy comes from drivers - including the keyboard and mouse drivers. This is why a VM or perhaps even a 'headless' machine might struggle to generate good quality random numbers - because it is unlikey to see the same type of driver activity. The following experiment demonstrated the effect of mouse movements on the amount of entropy available in a VM:

You can see the entropy increasing much more rapidly when the mouse moves.

Process Activity

Starting a process on Linux consumes entropy. So you can try running some commands in a terminal window to see the impact on your entropy:

It's interesting to see the entropy drop as I'm running simple commands. I believe that a new process consumes entropy because it will use random numbers for the Address Space Layout Randomization.

It was reasonably interesting to do those experiments. There is some useful further reading about random numbers and cryptography here. I also found some work that has been done locally here in Cambridge at this blog which was interesting ... and also involves the Raspberry Pi.